Privacy Policy

Who We Are

This privacy policy applies to the website www.aegixcyber.com, operated by Aegix B.V., located at Rijnzathe 12, 3454 PV Utrecht, Netherlands, registered with the Dutch Chamber of Commerce (KvK) under number 98632094.

Aegix helps IT service providers, MSPs, and growing businesses across Europe stay secure through managed cybersecurity services. We value your privacy and handle your personal data carefully, in full compliance with the EU General Data Protection Regulation (GDPR).

Personal Data We Collect

We only process data you provide to us directly, or that is collected automatically when you visit our website or use our services.

Data you actively provide

For example, via a contact form, event registration, or email:

• First name
• Email address
• Phone number
• Company name (where applicable)
• Content of your message or inquiry

Data collected automatically

• IP address
• Browser and device information
• Website usage (via cookies and analytics tools)

Purposes and Legal Basis

We process your personal data for the following purposes:

Purpose	Legal basis
Responding to questions and inquiries	Consent / Legitimate interest
Performing agreements or providing services	Performance of a contract
Sending proposals, service updates, or invoices	Legitimate interest
Event notifications and webinar invites	Consent (opt-in form)
Improving website functionality and security	Legitimate interest
Marketing communications	Consent
Website analytics via cookies	Consent (cookie banner)

Cookies and Analytics

Our website uses cookies to improve your experience and analyze site performance. We use the following types:

• Functional cookies: Remember preferences and ensure proper website operation.
• Analytics cookies: Track usage to improve performance and content. IP addresses are anonymized where applicable.

You can refuse or delete cookies through your browser settings. More information on managing cookies can be found at allaboutcookies.org or youronlinechoices.eu.

Sharing Data with Third Parties

We only share your data with third parties when necessary for providing our services, complying with legal obligations, or ensuring the security and functionality of our website. Aegix signs Data Processing Agreements (DPAs) with all external processors to ensure secure and lawful handling of your data.

We use the following third-party processors:

• ActiveCampaign — email marketing and contact management. Used to send event notifications to contacts who have opted in. Data is stored in the United States under EU Standard Contractual Clauses (SCCs).
• Cloudflare — website hosting and delivery. Servers located within the EEA where possible.

If data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards such as EU Standard Contractual Clauses are in place.

Data Security

We apply strong technical and organizational security measures to prevent misuse, loss, or unauthorized access to your personal data. As a cybersecurity company, security is at the core of everything we do. Measures include:

• Encrypted connections (SSL/TLS) across all our systems
• Secure servers with restricted access controls
• Regular vulnerability testing and system updates
• API keys and credentials stored as encrypted environment variables, never in source code

If you suspect your data is not being handled securely, please contact us at privacy@aegixcyber.com.

Data Retention

Type of data	Retention period
Contact or inquiry details	Up to 24 months after last contact
Event opt-in and marketing contacts	Until you unsubscribe or request deletion
Contract or billing records	7 years (legal retention requirement)
Cookies	As determined by your browser or cookie preferences

Your Rights

Under the GDPR, you have the following rights regarding your personal data:

• Right to access your data
• Right to correct or delete your data
• Right to restrict processing
• Right to object to processing
• Right to data portability
• Right to withdraw consent at any time (without affecting prior processing)
• Right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) via autoriteitpersoonsgegevens.nl

To exercise your rights, email us at privacy@aegixcyber.com. We will respond within 30 days.

Minors

Our website and services are not intended for individuals under 18 years old. We do not knowingly collect data from minors. If you believe we have done so, please contact us and we will delete the data promptly.

Changes to This Policy

We may update this privacy policy if our services or legal requirements change. The latest version is always available on this page.

Contact